Open georginaplatt opened 2 years ago
"You must use NHS login if you're building products and services and need to digitally authenticate members of the public logging into them."
I see two challenges with that:
Firstly, is NHS-login truly for "Members of the Public" or is it for "Patients"? In NHS Blood and Transplant we have blood donors who are not necessarily patients of an NHS England service. These could be visitors to England from the home nations or abroad, or migrants who have not yet qualified for NHS service provision. They all fit the definition of "Members of the Public", but they are not patients of NHS England so may not be able to achieve medium-, and certainly not high-level proof of identity.
Secondly, some NHS services have a UK-wide geographic scope rather than England only. For example, the Organ Donor register is maintained by NHSBT but takes registrations from candidate donors, and is accessed by organ retrieval staff across the UK. I don't think we can mandate use of the NHS Log-in for service users for example in Scotland or Northern Ireland, and we certainly can't do anything that would limit our service offering to them vs English donors.
There are 3 NHS services currently using the NHS Login, none of them have a UK-wide scope:
What
You must use NHS login if you're building products and services and need to digitally authenticate members of the public logging into them.
What is NHS login? NHS login gives members of the public a simple, secure and reusable way to access multiple digital health and care services with one set of login details.
Why
The System Design Authority (SDA) approves inclusion of common tools in the service manual. It has approved NHS login.
For a technology or tool to be added to section 11 of the NHS digital service standard it must:
have a clear onboarding process for integration into a product or service be well documented, including support information for developers and users have a transparent and robust assurance process support national standards
Anything else
We're very interested in hearing what you think about the standards and technology section of the service manual and how it might, or might not, help you develop digital services in health.